package com.yh.intercept;

import com.opensymphony.xwork2.ActionContext;
import com.opensymphony.xwork2.ActionInvocation;
import com.opensymphony.xwork2.interceptor.MethodFilterInterceptor;

import java.util.Map;

public class PermitInterceptor extends MethodFilterInterceptor {

    @Override
    protected String doIntercept(ActionInvocation act) throws Exception {
        ActionContext atx= act.getInvocationContext();
        String name= (String) atx.getSession().get("name");
        Map request = (Map)atx.get("request");

        if (name==null){
            request.put("msg","您还没有登录,请先<a href='login.jsp'>登录</a>");
            return "error";
        }else {
          String method=act.getProxy().getMethod().toLowerCase();
          if (!"admin".equals(name)&&(method.startsWith("add")||method.startsWith("update")||method.startsWith("del"))){
              request.put("msg","您没有权限,请<a href='javascript:history.go(-1)'>返回</a>");
              return "error";
          }
        }
        return act.invoke();
    }
}
